Cyber Laws In India


Cyber Laws In India


  1. Introduction
  2. What are cyber crimes
  3. Importance of legislation to curb cyber crimes
  4. Genesis of cyber laws
  5. Types of cyber crimes
  6. Cyber Laws in India
  7. Cases
  8. Conclusion

1.    Introduction

In the modern world of digitalisation all aspects of our day to day lives are rapidly moving towards computerisation and digitalisation. Virtual world and space has acquired recognition in today’s time and is growing and taking a new shape every day.

Along with the world moving towards digital space the crimes have also expanded their ambit towards it. So, there is an obvious need to control the evil minded people from spreading a menace in this new world.

2.    What are cyber crimes

The phrase ‘cyber crime’ has not been defined anywhere in any statute or legislation in India as such. It draws its meaning from Indian Penal Code 1860 (hereinafter IPC) itself[i].

The term crime means any act or omission that constitutes an offence punishable under IPC.  If such offence relates to abuse of computer or any other electronic device to commit an offence it is termed as cyber crime.

So, in cyber crimes, computer itself or any data stored in it are either the target of an offence or they are used as a tool to commit some offence.

3.    Importance of legislation to curb cyber crimes

The growth in digitalisation of almost all aspects of our day to day lives and increasing use of internet, world wide web and virtual space known as cyber space has its own merits. But merits and demerits exist together like two sides of a coin.

So, the demerits of this growth is that this cyber space and internet is also used by evil minded people of the society who use this for wrongful purposes.

Cyber crime legislations are therefore necessary to curb this wrongful use and to punish the offenders in order to secure the rightful interests of the people.

4.    Genesis of cyber laws

  • Use of internet and electronic devices gained momentum in mid 90’s. Before that all the transactions and evidences were recorded in papers and posted to the other person. So, everything basically existed in what we call these days as hard copies.


  • But with change in time virtual space stored in computers or other devices attached to it took the place of paper works and internet communication took place of post, telex etc.


  • In order to secure this form of documentation United Nations Commission on International Trade Law (UNCITRAL) passed a model law securing the ecommerce which was later recommended by UN to be considered by all states which were party to UN.


  • In compliance of such recommendation of UN, Information Technology Act 2000 (ITA) was passed in India.


  • This act provided legal recognition to electronic documents, electronic signature, offences and contravention and laid down a system for dispensation of justice in case an offence is committed.


  • However, there were some lacunas left in this act which were later discussed and hence eradicated by enacting an amendment act named Information Technology Amendment Act 2008 (ITAA).

Types of cyber crimes

Cyber Crimes can be divided in to types:

Using computer as a target Using computer as a weapon
When computer or data stored in it is attacked by using some other computer or device it is the case of using computer as a target. When a computer device is used to commit real world crimes it is using computer as a weapon to commit cyber crimes.
For example: spreading virus or worms, hacking, DOS attack etc. For example: Pornography, Credit Card frauds, IPR violations, cyber terrorism etc.


Cyber Laws in India

  • Strictly speaking, statutes enacted specifically to deal cyber crimes in India are ITA 2000 and ITAA 2008.


  • But ITA has also made certain amendments in Indian Penal Code 1860, the Indian Evidence Act, 1872, the Bankers’ Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 in order to give effect to the provisions of ITA.


ITA 2000 and amendments

The ITA has been divided into 13 chapters and 4 schedules including 94 sections the main provisions of which are as follows[ii]:

  • Applicability: The act is applicable to all of India and unless otherwise provided by any law it is also applicable on certain crimes committed outside India.


  • Exclusions: The provisions of this statute are not applicable on certain things as described in the schedule 1 attached to the Act.


  • Section 2 of the Act provides for certain definition of words that should have the meaning as provided therein throughout the reading of this statute.


  • Section 3 of the act defines Digital Signature and states that digital signature is an asymmetric crypto system and hash function and not a scan copy or otherwise of signature of a human being. This was later termed as Digital Signature and Electronic Signature by ITAA because of certain controversies that arose due to use of term digital signature.


  • Chapter 3 of the act that includes section 4 to 10 gives recognition to Digital or electronic form of signature. It also recognises records kept in electronic form as valid and sufficient but not compulsory form of record keeping. It also gives power to the Central Government to make laws and regulations regarding digital signatures.


  • Chapter 4 that includes Ss 11, 12 and 13 provides that an electronic record shall be considered attributed if sent by originator himself or someone on his behalf. It shall be considered to be received, if not stated otherwise by originator himself, automatically on successful reception at the device of receiver.


  • Chapter 5e. Ss. 14, 15 and 16 deal with secured form of electronic record and digital signature which shall be considered secure if sufficient security procedures are applied to them. Central Government has been conferred the power to make regulations regarding this.


  • Chapter 6e. Ss. 17 to 34 of Act are regarding the regulations and certifying authorities appointed for the purpose of this Act and their functions and powers. It provides for appointment of a Controller, Deputy Controller and Assistant Controller and their functions and powers.


  • Under S. 21 any person can make an application to the Controller to issue a license to issue Digital Signature. Provision has also been made for renewal and suspension of the license and procedure has been laid down on the basis of which license can be rejected or granted.


  • Chapter 7 which includes Ss. 35 to 39 makes provisions regarding digital signature certificates i.e who shall be authorised to issue digital signature certificates, representation on issuing digital signature certificate, grounds for its revocation and suspension and notice for the same.


  • Chapter 8 deals with the duties of subscribers of digital signature and with penalties that shall be made applicable on non compliance of the duties laid down therewith.


  • Chapter 10 of the Act makes provision for the establishment of Cyber Appellate Tribunal which shall deal with all matters brought before them in form of  appeals made from the orders of Controller. Section 61 excludes jurisdiction of Civil Courts in such matters.


  • Section 72 states that all appeals from the decision of Cyber Appellate Tribunal shall be made in the High Court and any penalty made applicable by the Tribunal shall be treated as arrears of land revenue and any digital signature if issued shall remain suspended during this period.


  • Chapter 11 of the act deals with various offences dealt under the Act and their punishments. Such offences and their punishments are as follows:


Offence Punishment
Tampering (intentionally destroying, concealing or altering) with computer source document ·        imprisonment of maximum three years, or

·        with fine extending up to two lakh rupees

·        or with both.

Hacking with computer system ·        imprisonment of maximum three years, or

·        with fine extending up to two lakh rupees

·        or with both.

Publication of obscene content in electronic form If first time offender:

·       imprisonment of either description

·       for a maximum term of five years

·       and with fine extending up to one lakh rupees


second or subsequent conviction

·       with imprisonment of either description

·       for a term of maximum ten years

·       and also with fine extending up to two lakh rupees.


Non compliance of directions of controller under S. 68(1) ·        imprisonment for a term of maximum three years

·        or to a fine extending up to two lakh rupees

·        or both

Failure of subscriber to assist agency mentioned under S. 69 (1) and (2) ·        imprisonment for a term of maximum  seven years
Securing access or attempting to secure access to protected system u/s 70 ·        imprisonment of either description

·        for a term of maximum ten years

·        and also fine

Misrepresentation or suppression of material facts from Controller u/s 71 ·        imprisonment for a terms of maximum two years,

·        or with fine extending up  to one lakh rupees,

·        or both.

Breach of confidentiality and privacy u/s 72 ·        imprisonment for a term of maximum two years,

·        or with fine extending up  to one lakh rupees,

·        or both.

Publishing false digital signature certificate ·        imprisonment for a term of maximum two years,

·        or with fine extending up  to one lakh rupees,

·        or both.

Publication of digital certificate for fraudulent purposes ·        imprisonment for a term of maximum two years,

·        or with fine extending up  to one lakh rupees,

·        or both


  • Chapter 14 deals with certain miscellaneous provisions and the schedule 1 to 4 describe various amendments that have been made in Indian Penal Code 1860, the Indian Evidence Act, 1872, the Bankers’ Books Evidence Act, 1891 and the Reserve Bank of India Act, 1934 in order to give effect to the provisions of ITA.


State of Tamil Nadu v Suhas Katti[iii]

  • This was the first case in which the offender was prosecuted u/s 67 for publication of obscene objects and defamatory and annoying messages about a divorced woman.


  • In this case, the accused was found guilty of offences under section 469, 509 IPC and 67 of ITA 2000 hence he was convicted and sentenced for all these offence the punishment for each running concurrently.


  • This case had set a benchmark in the cyber law judgements and provided strength to people being harassed through internet.


Sanjay Kumar vs State Of Haryana[iv]

  • This case is related to cyber fraud.


  • In this case, the accused was deputed by a company to maintain their software in a bank. He wrongfully interfered with the data stored and changed the details of one account thereby causing wrongful gain to himself and wrongful loss to the bank.


  • The accused was thereby held liable for the offence u/s 65  and 66 of the Information & Technology Act, 2000 and was punished accordingly.


SMC Pneumatics (India) Pvt. Ltd. v. Jogesh Kwatra[v]

  • This was the first case related to cyber defamation where reputation of a corporate was being defamed through emails[vi].


  • The High Court of Delhi in this case assumed jurisdiction over itself and hence passed an ex parte injunction against the accused.


Cyber law legislations are the need of the hour and are still developing in nature. In the modern time with the growth of crime rates in cyber space the cyber laws are also increasing their ambit in order to secure rights of the people. But there are several emerging cyber offences that would need protection which have still not been provided for.


Please enter your comment!
Please enter your name here